1. Field of the Invention
The present invention relates to a data transmission controlling method and a data transmission system for controlling transmission of data from a data transmitter to a data receiver. More particularly, the invention relates to a data transmission controlling method and a data transmission system for limiting the reception of transmitted data from a data transmitter to a specific data receiver.
2. Description of the Related Art
In recent years, network type data transmission systems which allow a data transmitter to transmit data to a plurality of remotely located data receivers have been established. For example, satellite television broadcasting is implemented as a broadcast data transmission system utilizing satellite links to distribute video and audio information to a plurality of data receivers.
Another example of the broadcast data transmission system is the Ethernet that is set up as a local area network (LAN). As shown in FIG. 1, an Ethernet network is typically constituted by a data transmitter 351 for transmitting data and by data receivers 352a and 352b for receiving data from the data transmitter 351 over a network 353. A maximum allowable distance between data receivers on the Ethernet is set for several kilometers.
Where it is desired for the data transmitter 351 in the above data transmission system to transmit data to the data receiver 352a, the data transmitter 351 places the data onto the network 353. The transmitted data are supplemented with a destination address identifying the destination data receiver 352a. Illustratively, 48 bits are used to express a large volume of destination address information.
The data placed by the data transmitter 351 onto the network 353 are received by the data receivers 352a and 352b alike. Each data receiver references the destination address attached to the received data to see if the address corresponds to its own address. A typical frame format used by the Ethernet is structured as shown in FIG. 2. In this format, a destination address part 401 designates the address of the destination data receiver that should receive the data.
If a given data receiver judges that the received address is not its own, the receiver discards the transmitted data. That is, the data receiver 352a, judging the address attached to the data to be its own, accepts the transmitted data, while the data receiver 352b, failing to detect its own address in the received data, discards the data. On the Ethernet, a data receiving process by a data receiver typically proceeds as shown in the steps constituting a flowchart of FIG. 3.
In step S101, the data receiver receives an Ethernet frame containing data from a local area network. In step S102, the data receiver extracts a destination address from the received Ethernet frame. In step S103, the data receiver checks to see if the destination address is its own address (unicast address) or an address to which it belongs (multicast address). If the destination address turns out to be the data receiver's own address (unicast address) or an address to which it belongs (multicast address), the data receiver transmits the Ethernet frame to a host computer. A unicast address signifies an address destined for an individual receiver, and a multicast address is an address allowing a plurality of data receivers (e.g., a data receiver group) to receive the data transmitted in conjunction with the address.
If the destination address turns out to be neither the address destined for the data receiver in question (unicast address) nor an address to which the data receiver belongs (multicast address), then the data receiver discards the Ethernet frame.
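The receiving process of FIG. 3 (steps S101 to S103), written out as an added Python example that is not part of the original description. The frame follows the FIG. 2 layout with a 6-byte destination address part first; the addresses used with it are constructed, locally administered values, and the accept/discard decision is taken entirely inside the receiver, which is the weakness the description goes on to discuss.

```python
"""Receiver-side destination-address check of FIG. 3 (steps S101 to S103)."""
import struct

ETH_HEADER = struct.Struct("!6s6sH")  # destination address, source address, EtherType
BROADCAST = bytes([0xFF] * 6)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Assemble a minimal frame in the FIG. 2 layout (no FCS; constructed input)."""
    return ETH_HEADER.pack(dst, src, ethertype) + payload


def parse_frame(frame: bytes):
    """Step S102: split off the header and return (dst, src, ethertype, payload)."""
    if len(frame) < ETH_HEADER.size:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = ETH_HEADER.unpack_from(frame)
    return dst, src, ethertype, frame[ETH_HEADER.size:]


def address_kind(addr: bytes) -> str:
    """Classify by the I/G bit (least significant bit of the first octet)."""
    if addr == BROADCAST:
        return "broadcast"
    return "multicast" if addr[0] & 0x01 else "unicast"


def receiver_accepts(frame: bytes, own_addr: bytes, groups: set) -> bool:
    """Step S103: pass the frame to the host only if the destination is the
    receiver's own unicast address, a multicast group it belongs to, or broadcast."""
    dst = parse_frame(frame)[0]
    kind = address_kind(dst)
    if kind == "unicast":
        return dst == own_addr
    if kind == "multicast":
        return dst in groups
    return True  # broadcast goes to every receiver on the segment
```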
According to the above method of data transmission based on the destination address scheme, any data receiver whose address does not match a transmitted destination address is supposedly incapable of receiving the data furnished with the address. With that data transmission method in effect, however, a data receiver may have its address and its judging feature modified unscrupulously so as to accept otherwise destined data, i.e., data without the destination address identifying the data receiver in question. Such a possibility poses a security problem when confidential data need to be transmitted to a specific data receiver.
Over the Ethernet, the number of data receivers connected to the same network is limited, and so are the distances between the connected receivers. That means there is only a limited possibility that data sent to one data receiver may be tapped illicitly by another data receiver. Illustratively, under a typical Ethernet scheme of 10BASE-5, the maximum length of cables for one segment is limited to 500 meters and the number of transceivers (data transmitter-receivers) connectable to the network is set for up to 100.
Meanwhile, if a data transmission network is structured using satellite links, one network can cover an area wider than the whole country such as Japan. On such a network, data transmitted to a data receiver on the northernmost island of Hokkaido can be tapped by a data receiver in the southernmost Okinawa Prefecture. That is, on any satellite link-based network to which a large number of data receivers are configured, there is an increased possibility of data being illicitly tapped by unintended parties.
In a data transmission setup utilizing broadcast type communication channels such as satellite links, untreated data can be received not only by the intended data receiver but also by those not supposed to receive the data in question. One solution to this problem with today's digital data broadcasting systems using a communication satellite is the encryption of data (i.e., primarily video and audio information) prior to their transmission over satellite communication links. Data receivers, for their part, have a decrypting function to reconstitute the original data. In that type of data transmission system, only those data receivers authorized beforehand to receive data can decrypt the transmissions for audio-visual consumption. One such system is based on Report No. 74 by the Telecommunications Technology Council (Japan). As its transmission format, the system utilizes MPEG2 (Moving Picture Experts Group Phase 2) transport stream packets (TS packets). Illustratively, the system has its data transmitter encrypt data using encryption keys and has its data receivers decrypt the encrypted data using decryption keys corresponding to the encryption keys. The format of the TS packet is shown in FIG. 4. A PID (packet identification) part 411 and a scramble control part 412 in the header of the format determine encryption keys. Typically, the encryption keys include a session key Ks and a work key Kw. The PID part 411 makes up 13-bit data and the scramble control part 412 constitutes two-bit data.
A data transmission system in the existing satellite television broadcast setup transmitting data in the TS packet typically comprises a data transmitter 501 and a data receiver 511 as depicted in FIG. 5. The data transmitter 501 has encryption units 502, 503 and 504 that carry out data encryption using various encryption keys. The data receiver 511 has decryption units 512, 513 and 514 that perform data decryption using various decryption keys, and an authorization judging unit 515.
In the data transmission system of the above structure, the data transmitter 501 first transmits a work key Kw 506 to the data receiver 511. Specifically, the data transmitter 501 prepares in advance the work key Kw 506 corresponding to the PID part 411 and scramble control part 412. The data transmitter 501 then gets the work key Kw 506 encrypted by the encryption unit 504 using a master key Km 507. The encrypted work key Kw 506 is transmitted to the data receiver 511. The master key Km 507 is identical to a master key (decryption key) Km 518 specific to the data receiver 511. The encrypted work key Kw 506 is transmitted from the data transmitter 501 to the data receiver 511 over a satellite link.
On receiving the work key Kw 506 encrypted with the master key Km 507, the data receiver 511 decrypts the received key using its own master key Km 518. The decrypted work key Kw 517 is preserved by the data receiver 511 in correspondence with the PID part. The work key Kw 517 is used to decrypt encrypted data coming from the data transmitter 501.
Upon data transmission from the data transmitter 501 to the data receiver 511, the data transmitter 501 has a payload part 413 of data in the TS packet encrypted by the encryption unit 502 using a session key Ks 505. At the same time, the session key Ks 505 is encrypted by the encryption unit 503 using the work key Kw 506.
Upon receipt of the TS packet with its PID part identifying the data receiver 511 as the destination, the data receiver 511 extracts the previously preserved work key Kw 517 based on the PID part 411 in the transmitted TS packet. Using the extracted work key Kw 517, the data receiver 511 decrypts the encrypted session key Ks 505 transmitted together with the data from the data transmitter 501. By use of the session key Ks 516 thus decrypted, the data receiver 511 decrypts the payload part 413 in the TS packet to extract the data therefrom.
Unauthorized data receivers do not possess the appropriate work key Kw corresponding to the PID part of interest because the work key Kw has not been sent to these data receivers. Such data receivers are incapable of decrypting the session key Ks that the data transmitter 501 has transmitted following key encryption using the work key Kw. With the session key Ks not decrypted, the unauthorized data receivers cannot decrypt the encrypted data from the data transmitter 501. In other words, the unapproved data receivers can receive encrypted data but cannot decrypt the data for audio-visual consumption.
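The key hierarchy of FIG. 5 (Km encrypts Kw, Kw encrypts Ks, Ks encrypts the payload part 413) around the FIG. 4 header, written out as an added Python example; it is not code from the original description. Because the description names no cipher, an HMAC-SHA256 counter keystream stands in for it; the TS packet is not padded to its fixed length, and every key is a constructed value.

```python
import hashlib, hmac, os, struct

def keystream_xor(key: bytes, label: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption, none is named on the page): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(key, label + struct.pack("!I", i // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

def ts_header(pid: int, scramble: int) -> bytes:
    """4-byte TS header: sync 0x47, 13-bit PID part 411, 2-bit scramble control 412."""
    if not (0 <= pid < 1 << 13 and 0 <= scramble < 4):
        raise ValueError("PID is 13 bits, scramble control is 2 bits")
    return struct.pack("!BHB", 0x47, pid, (scramble << 6) | 0x10)  # payload only, cc=0

def parse_header(packet: bytes):
    sync, pid_field, flags = struct.unpack("!BHB", packet[:4])
    if sync != 0x47:
        raise ValueError("bad sync byte")
    return pid_field & 0x1FFF, (flags >> 6) & 0x03  # (PID, scramble control)

class Transmitter:  # data transmitter 501
    def __init__(self, work_keys):
        self.kw = work_keys  # {(pid, scramble): Kw 506}, prepared in advance

    def issue_work_key(self, pid, sc, km):  # encryption unit 504
        return keystream_xor(km, b"Kw", self.kw[(pid, sc)])

    def send(self, pid, sc, payload):
        ks = os.urandom(16)  # session key Ks 505
        enc_ks = keystream_xor(self.kw[(pid, sc)], b"Ks", ks)  # encryption unit 503
        enc_payload = keystream_xor(ks, b"payload", payload)  # encryption unit 502
        return ts_header(pid, sc) + enc_ks + enc_payload  # not padded to 188 bytes

class Receiver:  # data receiver 511
    def __init__(self, km):
        self.km, self.kw = km, {}  # master key Km 518, preserved work keys Kw 517

    def install_work_key(self, pid, sc, enc_kw):  # decryption unit 514
        self.kw[(pid, sc)] = keystream_xor(self.km, b"Kw", enc_kw)

    def receive(self, packet):
        kw = self.kw.get(parse_header(packet))
        if kw is None:  # no Kw preserved for this PID: receiver not authorized
            return None
        ks = keystream_xor(kw, b"Ks", packet[4:20])  # decryption unit 513
        return keystream_xor(ks, b"payload", packet[20:])  # decryption unit 512
```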
The above broadcasting system utilizing satellite links typically implements restrictive data transmission control as described. Various other methods of restrictive data transmission control are also practiced not only by broadcasting systems but also over, say, the Internet.
On the Internet, PGP (Pretty Good Privacy) and PEM (Privacy Enhanced Mail) are illustratively used to encrypt electronic mail against eavesdropping or falsification by unscrupulous parties. Also employed on the Internet is SSL (Secure Socket Layer) designed to forestall illicit tapping of credit card numbers transferred in electronic commerce based on HTTP (Hyper Text Transfer Protocol). These schemes are characterized by the use of an encryption system or by the adoption of flexible data transmission controls.
There exist more generalized data transmission control methods targeted for IP (Internet Protocol) datagrams. Standardized methods of this kind include AH (Authentication Header) and ESP (Encapsulating Security Payload) generically called IPSEC.
The following problems have been generally experienced in connection with television broadcasts utilizing satellite links:
A first problem is the limited number of authorized data receivers. As shown in FIG. 4, the PID part and the scramble control part for identifying encryption keys comprise only 13 bits and two bits respectively. That means 15 bits are employed to specify only up to 2^15 (=32,768) data receivers.
A second problem is the increase in costs on the transmitting side in keeping with a growing number of PIDs in use. Illustratively, data receivers need as many MPEG2 encoders as are approximately proportional to the number of PIDs. Thus along with an increased PID count have come increased costs on the data transmitter side, which requires installing large-scale facilities.
A third problem is the inability of the data transmitter in one-way data transmission over satellite links to know whether information has been correctly transmitted to destination data receivers. For example, there may be cases where, without the knowledge of the data transmitter, data receivers cannot actually receive data therefrom despite their authorized status. However, attempts to transmit information more reliably to data receivers take time. This can involve wasteful consumption of a lot of resources, which causes the reliable yet time-consuming scheme to become an impediment to flexible data transmission control.
A fourth problem concerns a poor affinity with the Internet Protocol when an IP datagram must be transmitted with its PID adjusted to an IP destination address by the data transmitter. More specifically, the destination address of an IP datagram has a 32-bit address format that is difficult to adjust with respect to the 13-bit PID part. Furthermore, the above method currently used on the Internet has a fifth problem: PGP, PEM and SSL are application-specific data transmission controls and are not common to all applications on the Internet. The need for each application to be provided with its own controlling method makes prompt handling of newly introduced applications difficult.
A sixth problem is that while the authentication header and encapsulating security payload are application-independent, there are virtually no network devices compatible with these methods at the level of the current version of the Internet Protocol (e.g., IP v4). While the next version of the Internet Protocol (e.g., IP v6) allows AH and ESP to be used on the Internet in standardized fashion, they are considered practically unusable over the existing Internet.